c#3c

Which default Gaia user has full read/write access?. superuser. monitor. altuser. admin.

Which icon in the WebUI indicates that read/write access is enabled?. Eyeglasses. Pencil. Padlock. Book.

Which SmartConsole tab is used to monitor network and security performance?. Logs Monitor. Manage Settings. Security Policies. Gateway Servers.

Check Point Update Service Engine (CPUSE), also known as Deployment Agent [DA], is an advanced and intuitive mechanism for software deployment on Gaia OS. What software packages are supported for deployment?. It supports deployments of single HotFixes (HF), and of Major Versions. Blink Packages and HotFix Accumulators (Jumbo) are not supported. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), and of Major Versions. It supports deployments of Major Versions and Blink packages only. It supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), but not of Major Versions.

In SmartConsole, on which tab are Permissions and Administrators defined?. MANAGE & SETTINGS. SECURITY POLICIES. GATEWAYS & SERVERS. LOGS & MONITOR.

Which tool allows automatic update of Gaia OS and Check Point products installed on Gaia OS?. CPDAS - Check Point Deployment Agent Service. CPUSE - Check Point Upgrade Service Engine. CPASE - Check Point Automatic Service Engine. CPAUE - Check Point Automatic Update Engine.

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?. Verify and compile Security Policies. Display policies and logs on the administrator's workstation. Store firewall logs to hard drive storage. Manage the object database.

True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time. True, every administrator works on a different database that is independent of the other administrators. False, only one administrator can login with write permission. True, every administrator works in a session that is independent of the other administrators. False, this feature has to be enabled in the Global Properties.

What Check Point tool is used to automatically update Check Point products for the Gaia OS?. Check Point Update Engine. Check Point Upgrade Installation Service. Check Point Upgrade Service Engine (CPUSE). Check Point INSPECT Engine.

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer. Delete older versions of database. Publish or discard the session. Revert the session. Save and install the Policy.

What are the two deployment options available for a security gateway?. Bridge and Switch. Local and Remote. Cloud and Router. Standalone and Distributed.

One of major features in SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB and AdminC are editing the same Security Policy?. AdminB sees a pencil icon next the rule that AdminB is currently editing. AdminA, AdminB and AdminC are editing three different rules at the same time. AdminA and AdminB are editing the same rule at the same time. AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

Which one of the following is the preferred licensing model? Select the BEST answer. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway. Central licensing because it ties the package license to the MAC-address of the Security Management Server's Mgmt-interface and has no dependency on the gateway.

A Check Point Software license consists of two components, the Software Blade and the Software Container. There are _____ types of Software Containers: _____. Two; Security Management and Endpoint Security. Three; Security Management, Security Gateway, and Endpoint Security. Three; Security Gateway, Endpoint Security, and Gateway Management. Two; Endpoint Security and Security Gateway.

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?. Formal. Central. Local. Corporate.

Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made?. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot. Tom will have to reboot his SmartConsole computer, clear the cache, and restore changes. Tom's changes will have been stored on the Management when he reconnects and he will not lose any of his work. Tom’s changes will be lost since he lost connectivity and he will have to start again.

In which deployment is the security management server and Security Gateway installed on the same appliance?. Switch. Standalone. Distributed. Remote.

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?. Data Awareness. Threat Emulation. Application Control. Identity Awareness.

DLP and Mobile Access Policy are examples of what type of Policy?. Shared Policies. Unified Policies. Inspection Policies. Standard Policies.

What is the default shell of Gaia CLI?. Read-only. Expert. Clish. Bash.

Which of the following is NOT a valid application navigation tab in SmartConsole?. WEBUI & COMMAND LINE. SECURITY POLICIES. GATEWAYS & SERVERS. LOGS & MONITOR.

What are two basic rules Check Point recommends for building an effective security policy?. Accept Rule and Drop Rule. Explicit Rule and Implied Rule. Cleanup Rule and Stealth Rule. NAT Rule and Reject Rule.

When dealing with policy layers, what two layer types can be utilized?. Inbound Layers and Outbound Layers. Ordered Layers and Inline Layers. Structured Layers and Overlap Layers. R81.X does not support Layers.

What are the three main components of Check Point security management architecture?. Smart Console, Standalone, Security Management Server. Policy-Client, Security Management Server, Security Gateway. SmartConsole, Security Policy Server, Logs & Monitoring. SmartConsole, Security Management Server, Security Gateway.

Which Check Point software blade provides protection from zero-day and undiscovered threats?. Threat Extraction. Threat Emulation. Firewall. Application Control.

What are the three types of UserCheck messages?. ask, block, and notify. block, action, and warn. action, inform, and ask. inform, ask, and drop.

By default, which port is used to connect to the GAiA Portal?. 4434. 80. 8080. 443.

Choose what BEST describes a Session. Sessions ends when policy is pushed to the Security Gateway. Sessions locks the policy package for editing. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out. Starts when an Administrator publishes all the changes made on SmartConsole.

Which command shows detailed information about VPN tunnels?. cat $FWDIR/conf/vpn.conf. vpn tu tlist. vpn tu. cpview.

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?. Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server. Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server. The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server. The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

Which of the following is a valid deployment option?. CloudSec deployment. Disliked deployment. Router only deployment. Standalone deployment.

Using the SmartConsole, which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?. Read Only All. Full Access. Editor. Super User.

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?. Logging and Status. Monitoring. Threat Emulation. Application Control.

Which type of Check Point license ties the package license to the IP address of the Security Management Server?. Formal. Corporate. Central. Local.

Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? Choose the BEST answer. Anti-Malware. Content Awareness. Anti-Virus. IPS.

URL Filtering cannot be used to: Control Data Security. Decrease legal liability. Improve organizational security. Control Bandwidth issues.

Which one of the following is TRUE?. One policy can be either inline or ordered, but not both. Inline layer can be defined as a rule action. Ordered policy is a sub-policy within another policy. Pre-R80 Gateways do not support ordered layers.

Fill in the blanks: A Check Point software license consists of a _____ and _____. Software container; software package. Software package; signature. Signature; software blade. Software blade; software container.

Which of the following is used to initially create trust between a Gateway and Security Management Server?. One-time Password. Token. Certificate. Internal Certificate Authority.

What are the two elements of address translation rules?. Original packet and translated packet. Manipulated packet and original packet. Untranslated packet and manipulated packet. Translated packet and untranslated packet.

Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?. 192.168.1.1 AND 172.26.1.1 AND drop. src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop. 192.168.1.1 OR 172.26.1.1 AND action:Drop. src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop.

Fill in the blanks: The _____ collects logs and sends them to the _____. Log server; Security Gateway. Security Gateways; log server. Log server; security management server. Security management server; Security Gateway.

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?. RADIUS. SecurID. Check Point password. Security questions.

Which of the following statements about Site-to-Site VPN Domain-based is NOT true?. Route-based- The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTIs. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway. Domain-based- VPN domains are pre-defined for all VPN Gateways. When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.

What is the main objective when using Application Control?. To see what users are doing. Ensure security and privacy of information. To filter out specific content. To assist the firewall blade with handling traffic.

Fill in the blank: Backup and restores can be accomplished through _____. CLI, SmartUpdate, or SmartBackup. SmartUpdate, SmartBackup, or SmartConsole. SmartConsole, WebUI, or CLI. WebUI, CLI, or SmartUpdate.

What kind of NAT enables Source Port Address Translation by default?. Automatic Hide NAT. Automatic Static NAT. Manual Static NAT. Manual Hide NAT.

Fill in the blanks: In _____ NAT, Only the _____ is translated. Hide; source. Simple; source. Static; source. Hide; destination.

Application Control/URL filtering database library is known as: AppWiki. Application-Forensic Database. Application Library. Application database.

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?. Security Management Server. Security Gateway. SmartConsole. SmartManager.

Which of the following technologies extracts detailed information from packets and stores that information in different tables?. Application Layer Firewall. Packet Filtering. Next-Generation Firewall. Stateful Inspection.

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?. Open SmartEvent to see why they are being blocked. From SmartConsole, go to the Log & Monitor tab and filter for the IP address of the tablet. Open SmartMonitor and connect remotely to the wireless controller. Open SmartUpdate and review the logs tab.

Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system?. Gaia iOS. Red Hat Enterprise Linux version 4. Centos Unix. Gaia embedded.

What command from the CLI would be used to view current licensing?. cplic print. show license -s. fw ctl tab -t license -s. license view.

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?. Security Zones are not supported by Check Point firewalls. The firewall rule can be configured to include one or more subnets in a zone. The zone is based on the network topology and determined according to where the interface leads to. The local directly connected subnet defined by the subnet IP and subnet mask.

Which of the completed statements is NOT true? The GAiA Portal (WebUI) can be used to manage Operating System user accounts and: assign privileges to users. assign user rights to the directory structure on the Security Management Server. add more users to the Gaia operating system. change the home directory of the user.

Which encryption algorithm is the least secured?. 3DES. AES-128. DES. AES-256.

Fill in the blank: SmartConsole, SmartEvent GUI client, and _____ allow viewing of billions of consolidated logs and shows them as prioritized security events. SmartMonitor. SmartReporter. SmartTracker. SmartView Web Application.

What is the default tracking option of a rule?. None. Alert. Log. Tracking.

Fill in the blank: Once a license is activated, a _____ should be installed. License Management file. License Contract file. Security Gateway Contract file. Service Contract file.

When should you generate new licenses?. Only when the license is upgraded. After a device upgrade. When the existing license expires, the license is upgraded, or the IP address associated with the license changes. Before installing contract files.

Fill in the blank: The position of an Implied rule is manipulated in the _____ window. Firewall. Object Explorer. Global Properties. NAT.

Which of the following situations would not require a new license to be generated and installed?. The existing license expires. The Security Gateway is upgraded. The license is upgraded. The IP address of the Security Management or Security Gateway has changed.

You have enabled “Extended Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?. Log Trimming is enabled. Content Awareness is not enabled. Logging has disk space issues. Identity Awareness is not enabled.

Fill in the blank: In order to install a license, it must first be added to the _____. Package repository. Download Center Web site. License and Contract repository. User Center.

What is required for a certificate-based VPN tunnel between two gateways with separate management systems?. Shared Secret Passwords. Unique Passwords. Shared User Certificates. Mutually Trusted Certificate Authorities.

Main Mode in iKEv1 uses how many packages for negotiation?. 3. depends on the make of the peer gateway. 6. 4.

Which is a main component of the Check Point security management architecture?. Proxy Server. Endpoint VPN client. Identity Collector. SmartConsole.

What are the two types of NAT supported by the Security Gateway?. Destination and Hide. Source and Destination. Static and Source. Hide and Static.

Fill in the blank: A(n) _____ rule is created by an administrator and configured to allow or block traffic based on specified criteria. Explicit. Implicit drop. Implicit accept. Inline.

Where is the "Hit Count" feature enabled or disabled in SmartConsole?. In Global Properties. On each Security Gateway. On the Policy layer. On the Policy Package.

Log query results can be exported to what file format?. Comma Separated Value (csv). Word Document (docx). Text (txt). Portable Document Format (pdf).

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed. mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server. SmartConsole and WebUI on the Security Management Server.

Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?. Anti-spam and Email Security. Anti-Virus. Firewall. Application Control.

When a Security Gateway communicates about its status to an IP address other than its own, which deployment option was chosen?. Targeted. Bridge Mode. Distributed. Standalone.

In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?. "Inspect", "Bypass", "Block". "Inspect", "Bypass", "Categorize". "Inspect", "Bypass". "Detect", "Bypass".

Why is a Central License the preferred and recommended method of licensing?. Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes. Central Licensing actually not supported with Gaia. Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed. Central Licensing is the only option when deploying Gaia.

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?. Install policy. Publish changes. Install database. Save changes.

Which of the following is NOT an alert option?. SNMP. User defined alert. High alert. Mail.

The VPN Link Selection will perform the following if the primary VPN link goes down?. The Firewall will send out the packet on all interfaces. The Firewall will inform the client that the tunnel is down. The Firewall can update the Link Selection entries to start using a different link for the same tunnel. The Firewall will drop the packets.

A layer can support different combinations of blades. What are the supported blades: Firewall, NAT, Content Awareness and Mobile Access. Firewall, URLF, Content Awareness and Mobile Access. Firewall (Network Access Control), Application & URL Filtering and Content Awareness. Firewall (Network Access Control), Application & URL Filtering, Content Awareness and Mobile Access.

Fill in the blanks: The Application Layer Firewalls inspect traffic through the _____ layer(s) of the TCP/IP model and up to and including the _____ layer. Upper; Application. Lower; Application. First two; Internet. First two; Transport.

When configuring Anti-Spoofing, which tracking options can an Administrator select?. Log, Alert, None. Drop Packet, Alert, None. Log, Allow Packets, Email. Log, Send SNMP Trap, Email.

What licensing feature automatically verifies current licenses and activates new licenses added to the License and Contracts repository?. Automatic Licensing and Verification tool. Verification licensing. Verification tool. Automatic licensing.

What are valid authentication methods for mutual authenticating the VPN gateways?. Pre-shared Secret and PKI Certificates. PKI Certificates and Kerberos Tickets. Pre-Shared Secrets and Kerberos Ticket. PKI Certificates and DynamicID OTP.

Which option in tracking allows you to see the amount of data passed in the connection?. Advanced. Accounting. Data. Logs.

Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?. Manual NAT can offer more flexibility than Automatic NAT. Dynamic NAT with Port Address Translation can offer more flexibility than Network Address Translation (NAT) Overloading. Automatic NAT can offer more flexibility than Manual NAT. Dynamic Network Address Translation (NAT) Overloading can offer more flexibility than Port Address Translation.

Fill in the blank: Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is _____. Stored on the Security Management Server. Stored on the Certificate Revocation List. Sent to the Internal Certificate Authority. Sent to the Security Administrator.

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?. Threat Emulation. Anti-Virus. Advanced Networking Blade. Application Control.

In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?. Monitoring Blade. SNMP. None - the data is available by default. Logging & Monitoring.

How do logs change when the "Accounting" tracking option is enabled on a traffic rule?. Involved traffic logs are updated every 10 minutes to show how much data has passed on the connection. Involved traffic logs will be forwarded to a log server. Provides additional information to the connected user. Provides log details view email to the Administrator.

What are the software components used by Autonomous Threat Prevention Profiles in R81.20 and higher?. Sandbox, ThreatCloud, Zero Phishing, Sanitization, C&C Protection, IPS, File and URL Reputation. IPS, Threat Emulation and Threat Extraction. Sandbox, ThreatCloud, Sanitization, C&C Protection, IPS. IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction.

In large organizations where there are a number of managed Check Point firewalls that generate a lot of logs it is recommended to install the Log Server on a dedicated computer. Which statement is FALSE?. The dedicated Log Server must be the same version as the Security Management Server. A Log Server has a SIC certificate which allows secure communication with the SMS and Security Gateways. More than one Log Server can be installed. A dedicated SmartEvent server is required for a separate Log Server to be deployed in the SmartEvent server.

What is required for a site-to-site VPN tunnel that does not use certificates?. Unique Passwords. Pre-Shared Secret. SecureID. RSA Token.

Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a license is automatically attached to a Security Gateway. Local; formal. Central; local. Formal; corporate. Local; central.

When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service?. The full URL, including page data, is sent to the Check Point Online Web Service. The URL and IP address are sent to the Check Point Online Web Service. The host part of the URL is sent to the Check Point Online Web Service. The URL and server certificate are sent to the Check Point Online Web Service.

What is the main difference between Static NAT and Hide NAT?. Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections. Hide NAT only allows incoming connections to protect your network. Static NAT allow incoming and outgoing connections. Hide NAT only allows outgoing connections. Static NAT only allows incoming connections to protect your network.

What default layers are included when creating a new policy layer?. Application Control, URL Filtering and Threat Prevention. Firewall, Application Control and IPSec VPN. Firewall, Application Control and IPS. Access Control, Threat Prevention and HTTPS Inspection.

What are the types of Software Containers?. Smart Console, Security Management, and Security Gateway. Security Management, Security Gateway, and Endpoint Security. Security Management, Standalone, and Security Gateway. Security Management, Log & Monitoring, and Security Policy.

If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs?. Track log column is set to Log instead of Full Log. Log Implied Rule was not selected on Global Properties. Track log column is set to none. Log Implied Rule was not set correctly on the track column on the rules base.

Which SmartConsole tab show logs and detected security threats, providing a centralized display of potential attack patterns from all network devices?. LOGS & MONITOR. SECURITY POLICIES. GATEWAY & SERVERS.

Is it possible to have more than one administrator connected to a Security Management Server oce?. Yes, but objects edited by one administrator will be locked for editing by others until the sessions is published. .

Which command shows the installed licensesin Expert mode?. cplic print. .

When you upload a package or license to the appropriate in SmartUpdate, where is the package or license stored?. Security Management Server. .

Security Gateway software blades must be attached to what?. Security Gateway Container. .

Which policy type is used to enforce bandwidth and traffic control rules?. QoS. .

What is the purpose of a Stealth Rule?. To drop any traffic destined for the firewall that is not otherwise explicitly allowed. .

Which Check Point Aplkication Control feature enables scanning and detection?. AppWiki. .

What type of NAT is a one-to-one relationship where each host is translated to a unique address?. Static. .

When using Automatic Hide NAT, what is enabled by default?. Source Port Address Translation (PAT). .

What is UserCheck?. Communication tool used to inform a user about a website or application they are trying to access. .

Which tool allows yoy to monitor the top bandwidth on smart console?. SmartView Monitor. .

In the Check Point Security Management Architecture, which component(s) can store logs?. Security Management Server and Security Gateway. .